Fingertip fortress

GCN Lab Test: IronKey puts an arsenal of security features into a high-capacity key drive

By Nate Wooley

Nov 02, 2007

IronKey 4G Secure Flash drive

Pros: Has many security features in a small form factor and can also protect Web browsing.

Cons: Requires more setup than a typical unsecured drive.

Performance: A

Features: A+

Ease of use: A-

Value: A

GCN

Everyone knows that big things sometimes come in small packages, but the IronKey rugged secure USB drive is almost ridiculous in terms of the number of usable security features packed into its tiny frame.

The IronKey we tested was a 4G model that sells for $149. With that much storage space at that price, we were immediately ready to say 'sold!' But with the IronKey, large-capacity drives ' there are also 1G and 2G models ' for reasonable prices are just the beginning.

IronKey protects data better than any other key drive we have tested, and it can also protect your Web surfing, even letting you monitor the circuits your data is taking throughout the Internet and change them on the fly while also erasing your trail.

Let's start with the key itself. The IronKey has a tough metal case ' though not iron ' that has been injected with an epoxy compound. The result is a key drive that can meet Military Standard 810F for rugged devices and exceed it for water tolerance. In fact, you can completely submerge the IronKey without damaging the data or the hardware. The resin also makes the key pretty much impossible to tamper with without causing irreparable and easily noticeable damage.

[IMGCAP(1)] Not that you have to worry much about someone getting to your data. Once you place data on the IronKey, the device encrypts it using the embedded Cryptochip with military-grade Advanced Encryption Standard. Because this is hardware-based encryption, it works much faster than the software-based engines we have seen on other secure drives.

And as a bonus, the key drive does not need any installation on systems where it is running. That means you don't need administrator access on a host system to securely store your files. We tested this on a secure network, and the IronKey came up like a CD-ROM drive in the My Documents folder. Other drives refused to run because of the lack of administrator privileges, but the IronKey gave us full access to all its functions.

Even the physical setup of the IronKey spells security. When you get one, you peel back a plastic covering to reveal a spot on the housing where you can sign your name. Once you do that, tampering with the name is virtually impossible, much like the strip on the back of most credit cards.

You need to set up a password to access your IronKey. The password needs to be at least four characters long to prevent brute-force hacking attempts. Why? Because of a unique and ' for your device ' somewhat dangerous feature that goes beyond anything else we have seen in terms of data protection. Simply put, if 10 incorrect attempts are made on the password, the device destroys itself. Not only is all data on it completely erased, but the entire device renders itself unusable. This might bring to mind an episode of 'Mission Impossible,' but what it does in practical terms is make the person who stole your IronKey the proud owner of a shiny lump of metal.

Included software will let you restore your data to a new IronKey, assuming you bothered to back it up beforehand. Also, the counter for the number of password entry tries is stored on the Cryptochip, so it's not vulnerable to hacking. A great feature.

You can create a message to appear whenever you put the drive into a computer. That way, anyone who finds it can see your contact information and return the drive. Considering that all the rest of your data is secured, this handy function can ensure that good Samaritans have something to work with. Having found key drives other people have dropped in airports or train stations, I know it can be a pain to find the rightful owner even of an unsecured drive. This message would be a good feature on any drive, and it is a necessity here.

But the IronKey is more than a super-secure storage device. It also performs the valuable function of keeping your personal and government data safe when you go online. The drive comes with a hardened version of Firefox. When using any computer, all your cookies, bookmarks and online passwords are kept on the drive with no trace left on the host system. It lets you bring your desktop settings with you wherever you go.

At the bottom of the hardened Firefox browser is a secure icon. Clicking on that creates a secure virtual private network to a Web server hosted by IronKey. The tunnel between your computer and the IronKey server is encrypted. The IronKey server then decrypts data before sending it on to a destination. This spy-style feature means Web sites you visit can't get your actual IP address.

When using the IronKey Secure Session service, there are additional tools to enhance the browsing functions even further. The Network Map shows all the circuits your Web traffic is flowing from. Without much effort, you can order a new path for the encrypted Web traffic or change your apparent online identity so anyone trying to track you will be sent back to square one.

The IronKey also will learn your passwords if you want it to. So if you are using a public terminal, you can send your user identification and password without having to type anything, protecting you from key-loggers that might be installed on the system. You can also set up often-used information, such as your credit card number, agency address and any other information, so it can be sent the same way without typing any data on a local system. You can rest easy knowing all that data is protected by the IronKey and use it securely from anywhere in the world.

Password powerFinally, the IronKey can generate very long random password strings and then remember them for you. If you are concerned about someone guessing your kid's birthday or your pet's name, have the IronKey make a long random password for you and use it whenever you are online.

Using the IronKey is more involved than using a normal plug-and-play drive. You need to use the included CD to set up an account with the company to use all the online services. This is not difficult, and the extra security services make it more than worth a few minutes of your time.

This IronKey is the most secure drive we have ever seen, and the online security features are handy and helpful, keeping your agency and your secrets safe in a hostile world. It earns a Reviewer's Choice designation for taking security to the max.